Lucene search
K

15 matches found

RedhatCVE
RedhatCVE
added 2026/04/17 8:18 a.m.5 views

CVE-2026-6435

A flaw was found in rust-coreutils. A local attacker can exploit a Time-of-Check to Time-of-Use TOCTOU race condition in the chmod command when it traverses symbolic links. By manipulating file system objects between the permission check and the actual permission change, a malicious user can caus...

5.7AI score
Exploits0References2
SUSE Linux
SUSE Linux
added 2026/02/11 8:30 a.m.1 views

Security update for python-wheel

This update for python-wheel fixes the following issues: CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification bsc1257100. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

7.7CVSS5.7AI score0.00311EPSS
Exploits2References4
Microsoft CVE
Microsoft CVE
added 2025/11/09 9:2 a.m.7 views

KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes

...

5CVSS6.8AI score0.00191EPSS
Exploits1
EUVD
EUVD
added 2025/11/07 11:4 p.m.8 views

EUVD-2025-38213

KubeVirt is a virtual machine management add-on for Kubernetes. In versions before 1.5.3 and 1.6.1, the virt-handler does not verify whether the launcher-sock is a symlink or a regular file. This oversight can be exploited, for example, to change the ownership of arbitrary files on the host node ...

5CVSS6.5AI score0.00191EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-13447

Malware in sbrugna...

7.1CVSS7AI score0.00336EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-0121

Malware in sbrugna...

10CVSS6.4AI score0.05347EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/02/04 12:0 a.m.4 views

PT-2025-3882 · Parallels · Parallels Desktop

Name of the Vulnerable Software and Affected Versions: Parallels Desktop affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target host...

7.8CVSS7.5AI score0.00415EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.2 views

SAMSUNG Magician PC Software 安全漏洞

SAMSUNG Magician PC Software is an application from the South Korean company Samsung SAMSUNG. Designed to help manage Samsung SSDs. A security vulnerability exists in SAMSUNG Magician PC Software version 8.0.0. An attacker can escalate privileges by writing with arbitrary file permissions...

6.7CVSS6.9AI score0.00172EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:24 a.m.3 views

SUSE CVE-2018-15687

A race condition in chownone of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239...

6.3CVSS6.9AI score0.01058EPSS
Exploits4References3
Exploit DB
Exploit DB
added 2019/10/07 12:0 a.m.262 views

CheckPoint Endpoint Security Client/ZoneAlarm 15.4.062.17802 - Privilege Escalation

Exploit Title: CheckPoint Endpoint Security Client/ZoneAlarm 15.4.062.17802 - Privilege Escalation Date: 2019-01-30 Exploit Author: Jakub Palaczynski Vendor Homepage: https://www.checkpoint.com/ Version: Check Point Endpoint Security VPN = E80.87 Build 986009514 Version: Check Point ZoneAlarm =...

7.8CVSS7.9AI score0.01038EPSS
Exploits5
Cvelist
Cvelist
added 2014/03/14 10:0 a.m.27 views

CVE-2014-1272

CrashHouseKeeping in Crash Reporting in Apple iOS before 7.1 and Apple TV before 6.1 allows local users to change arbitrary file permissions by leveraging a symlink...

5.7AI score0.0035EPSS
Exploits0References2
NVD
NVD
added 2013/03/14 3:13 a.m.16 views

CVE-2013-1423

1 contrib/gforge-3.0-cronjobs.patch, 2 cronjobs/homedirs.php, 3 deb-specific/fileforge.pl, 4 deb-specific/groupdumpupdate.pl, 5 deb-specific/sshdumpupdate.pl, 6 deb-specific/userdumpupdate.pl, 7 plugins/scmbzr/common/BzrPlugin.class.php, 8 plugins/scmcvs/common/CVSPlugin.class.php, 9...

6.9CVSS6.2AI score0.00374EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2007/03/02 10:19 p.m.3 views

CVE-2007-1227

VShieldCheck in McAfee VirusScan for Mac Virex before 7.7 patch 1 allow local users to change permissions of arbitrary files via a symlink attack on /Library/Application Support/Virex/VShieldExclude.txt, as demonstrated by symlinking to the root crontab file to execute arbitrary commands...

6.6CVSS5.8AI score0.00758EPSS
Exploits1References10
exploitpack
exploitpack
added 2002/07/29 12:0 a.m.21 views

FreeBSD 4.x NetBSD 1.4.x1.5.x1.6 OpenBSD 3 - pppd Arbitrary File Permission Modification Race Condition

FreeBSD 4.x NetBSD 1.4.x1.5.x1.6 OpenBSD 3 - pppd Arbitrary File Permission Modification Race Condition source: https://www.securityfocus.com/bid/5355/info A vulnerability has been reported in some versions of the pppd daemon included with multiple BSD distributions. A race condition error in the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/07/29 12:0 a.m.32 views

FreeBSD 4.x / NetBSD 1.4.x/1.5.x/1.6 / OpenBSD 3 - pppd Arbitrary File Permission Modification Race Condition

source: https://www.securityfocus.com/bid/5355/info A vulnerability has been reported in some versions of the pppd daemon included with multiple BSD distributions. A race condition error in the code may result in the pppd process changing the file permissions on an arbitrary system file. pppd wil...

7.4AI score
Exploits0
Rows per page
Query Builder